Admin: Admin moved page Techology/Password Construction Guidelines to Technology/Password Construction Guidelines without leaving a redirect: Misspelling in Catagory

2023-08-08T17:40:46Z

Admin moved page Techology/Password Construction Guidelines to Technology/Password Construction Guidelines without leaving a redirect: Misspelling in Catagory

Admin: Creation of Password Construction Guideline page

2023-08-08T14:08:49Z

Creation of Password Construction Guideline page

New page

== <b>Password Construction Guidelines</b> ==

<p><h3>1.Overview</h3></p>
<p>Passwords are a critical component of information security. Passwords serve to protect access to user accounts, data and systems. However, a poorly constructed or easily guessed password can compromise the strongest defenses. This guideline provides best practices for creating strong passwords.</p>

<p><h3>2. Purpose</h3></p>
<p>The purpose of this guidelines is to provide best practices for the creation of strong passwords.</p>

<p><h3>3. Scope</h3></p>
<p>This guideline applies to employees, students, contractors, consultants, temporary and other workers, including all personnel affiliated with third parties. This guideline applies to all passwords including but not limited to user-level accounts, system-level accounts, web accounts, e-mail accounts, screen saver protection, voicemail, and local router logins.</p>

<p><h3>4. Policy</h3></p>

<p>Strong passwords are long, the more characters a password has the stronger it is. We recommend a minimum of 16 characters in all work-related passwords. In addition, we encourage the use of passphrases, passwords made up of multiple words. Examples include “It’s time for vacation” or “block-curious-sunny-leaves”. Passphrases are both easy to remember and type yet meet the strength requirements.</p>

<p>Password cracking or guessing may be performed on a periodic or random basis by the IT Team or its delegates. If a password is guessed or cracked during one of these scans, the user will be required to change.</p>

<p><h3>5. Policy Compliance</h3></p>

<p><h4>5.1 Compliance Measurement</h4></p>
<p>The IT team will verify compliance to this policy through various methods, including but not limited to password cracking exercises, business tool reports, internal and external audits, and feedback to the policy owner.</p>
<p><h4>5.2 Exceptions</h4></p>
<p>Any exception to the policy must be approved by the IT team in advance.</p>
<p><h4>5.3 Non-Compliance</h4></p>
<p>An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.</p>

<p><h3>6. Related Standards, Policies and Processes</h3></p>
<p>None.</p>

<p><h3>7. Definitions and Terms</h3></p>
<p>None.</p>

<p><h3>8. Revision History</h3></p>

<p>Date of Change:
July 2023</p>
<p>Responsible:
IT Director</p>
<p>Summary of Change:
Updated and converted to new format.</p>

← Older revision	Revision as of 17:40, 8 August 2023
(No difference)

Technology/Password Construction Guidelines - Revision history

Admin: Admin moved page Techology/Password Construction Guidelines to Technology/Password Construction Guidelines without leaving a redirect: Misspelling in Catagory

Admin: Creation of Password Construction Guideline page